#############################################################################################################
# Description : certcheck will report certificate expiry date for all the URLs that is available in urls.txt#
# Date : 10/17/2017 #
# Ver : 2.0 #
# Ver 1 : 10/17/2017 #
# Ver 2 : Added Email Alerts 10/18/2017 #
# Usage : execute ./certcheck.ksh #
#############################################################################################################
EXP_DAYS=90
DATA_FILE_PATH="urls.txt"
OPENSSL="/usr/bin/openssl"
MAILX="/bin/mailx"
EMAILADDRFILE='emails.txt'
function check_expiry {
DAYS=`echo "(($(date -d "$2" +%s))-$(date +%s))/86400" | bc -l|awk -F'.' '{ print $1 }'`
if [ $DAYS -lt 0 ]; then
echo " Certificate already expired $DAYS ago";
elif [ $DAYS -gt 0 -a $DAYS -lt $EXP_DAYS ] ; then
echo " Certificate renewal due in $EXP_DAYS Days - Sending Email Alert";
EMAIL_ADDRS=`cat $EMAILADDRFILE`
echo " $EXP_DAYS Days certificate expiry notice for $1"|$MAILX -s "IMPORTANT ${1} - Certificate will expire in $EXP_DAYS Days" $EMAIL_ADDRS
else
echo " Certificate expires in $DAYS days"
fi
}
cat $DATA_FILE_PATH|grep -v '#' |while read SERVERNAME
do
if [ $(echo $SERVERNAME|grep ":" | wc -l) -eq 1 ]; then
echo -n $SERVERNAME" "
DATESTR=`(echo | $OPENSSL s_client -connect $SERVERNAME 2>/dev/null | $OPENSSL x509 -noout -enddate|sed 's/notAfter=//g') | awk -F' ' '{ print $1" "$2" "$4 }'`
else
echo -n ${SERVERNAME}:443 " "
DATESTR=`(echo | $OPENSSL s_client -connect $SERVERNAME:443 2>/dev/null | $OPENSSL x509 -noout -enddate|sed 's/notAfter=//g' ) | awk -F' ' '{ print $1" "$2" "$4 }'`
fi
echo -n $DATESTR
check_expiry "$SERVERNAME" "$DATESTR"
done
# Description : certcheck will report certificate expiry date for all the URLs that is available in urls.txt#
# Date : 10/17/2017 #
# Ver : 2.0 #
# Ver 1 : 10/17/2017 #
# Ver 2 : Added Email Alerts 10/18/2017 #
# Usage : execute ./certcheck.ksh #
#############################################################################################################
EXP_DAYS=90
DATA_FILE_PATH="urls.txt"
OPENSSL="/usr/bin/openssl"
MAILX="/bin/mailx"
EMAILADDRFILE='emails.txt'
function check_expiry {
DAYS=`echo "(($(date -d "$2" +%s))-$(date +%s))/86400" | bc -l|awk -F'.' '{ print $1 }'`
if [ $DAYS -lt 0 ]; then
echo " Certificate already expired $DAYS ago";
elif [ $DAYS -gt 0 -a $DAYS -lt $EXP_DAYS ] ; then
echo " Certificate renewal due in $EXP_DAYS Days - Sending Email Alert";
EMAIL_ADDRS=`cat $EMAILADDRFILE`
echo " $EXP_DAYS Days certificate expiry notice for $1"|$MAILX -s "IMPORTANT ${1} - Certificate will expire in $EXP_DAYS Days" $EMAIL_ADDRS
else
echo " Certificate expires in $DAYS days"
fi
}
cat $DATA_FILE_PATH|grep -v '#' |while read SERVERNAME
do
if [ $(echo $SERVERNAME|grep ":" | wc -l) -eq 1 ]; then
echo -n $SERVERNAME" "
DATESTR=`(echo | $OPENSSL s_client -connect $SERVERNAME 2>/dev/null | $OPENSSL x509 -noout -enddate|sed 's/notAfter=//g') | awk -F' ' '{ print $1" "$2" "$4 }'`
else
echo -n ${SERVERNAME}:443 " "
DATESTR=`(echo | $OPENSSL s_client -connect $SERVERNAME:443 2>/dev/null | $OPENSSL x509 -noout -enddate|sed 's/notAfter=//g' ) | awk -F' ' '{ print $1" "$2" "$4 }'`
fi
echo -n $DATESTR
check_expiry "$SERVERNAME" "$DATESTR"
done
No comments:
Post a Comment